I learnt from a recent Freedom of Information request to the ONR that the Wylfa Magnox site was subject to a cyber attack event on the 10 April 2019, which at the time of receiving the FOI response on 4 June was still being investigated.
I assume that the investigation is now complete and as such an incident report, which is required within 60 days under ONR guidance, should now be complete. To save time and resources through recourse to a further FOI, I was just wondering if it would be possible to receive information about or a copy of the report? For reference, there was a previous cyber incident at Barnwood which I received the following information from through FOI – if you can provide something similar for Magnox I'd be very grateful:
Licence Holder: EDF Energy Nuclear Generation Limited (NGL)
Licence Site: Barnwood
Outcome: EDF Energy NGL network users received a number of targeted phishing emails from a compromised known third party. EDF Energy NGL blocked access to external web sites hyperlinked within the emails and communications were sent to all recipients of the phishing email asking them to confirm their actions in relation to the phishing email. A further technical review of access to the external web sites was undertaken. All users known to have received the phishing email had their passwords reset as a precaution. There was no indication of compromise to the EDF Energy NGL network. The third party system falls outside of ONR’s regulatory scope.
Magnox Ltd reported a cyber event on 10 April 2019 to ONR. A 60 day report was received on 18 June 2019 in which Magnox Ltd state that a proactive scan found strains of malware on a computerised system, this position was addressed. The system in question does not provide a nuclear safety function and no operational impact was reported.